Database Administrators Stack Exchange
Database Administrators Stack Exchange

Questions tagged [encryption]

The conversion of data into a form that cannot be easily understood by unauthorized users.

357 questions
22
votes
4 answers

SQL server service won’t start after disabling TLS 1.0 and SSL 3.0

Because of security reasons, we disabled TLS 1.0 and older protocols on our windows, and enabled just TLS 1.1 and TLS 1.2 under the following registry path: …
Jiri Mares
  • 321
  • 1
  • 2
  • 5
19
votes
2 answers

Query to List Encryption Certificate for Databases

What certificate is being used to encrypt each of the databases on the instances. I can get the data using the following but how do I write the queries USE master GO -- this provides the list of certificates SELECT * FROM sys.certificates -- this…
Barry MSIH
  • 293
  • 1
  • 2
  • 6
16
votes
2 answers

How to use aes-encryption in PostgreSQL?

I tried aes-encryption by using following statement: SELECT encrypt('test', 'key', 'aes'); which worked, but I am not able to decrypt the value. I inserted it in a field of datatype bytea but I'm not sure if that was the right way. SELECT…
32bitfloat
  • 627
  • 3
  • 8
  • 18
15
votes
3 answers

When do I need to backup the Service Master Key?

I'm reading some documentation and whitepaper about Transparent Data Encryption. Some documentation mention to backup the Service Master Key as well (For clarification I'm not talking about the Database Master Key). I just don't exactly understand…
gsharp
  • 327
  • 4
  • 13
13
votes
1 answer

How can I know what hashing algorithm SQL Server used to decrypt the encrypted data when using the function DECRYPTBYPASSPHRASE?

My question is related to the following experiment with two instances: SQL Server 2017 Express instance (Microsoft SQL Server 2017 (RTM-CU16)) SQL Server 2014 Express instance (Microsoft SQL Server 2014 (SP2-CU18)) I used the function…
Ronaldo
  • 3,985
  • 1
  • 7
  • 38
13
votes
3 answers

How can I check if connection to Sql Server is encrypted?

In SQL Server I can "Force Encryption" in protocols settings. If I leave that set to "No" any client can still require encryption. Can I somehow see what connections to the database are using encryption?
Mathias Rönnlund
  • 245
  • 1
  • 2
  • 7
11
votes
1 answer

"Force Encryption" vs "Force Protocol Encryption" in SQL Server

I'm trying to understand how the different settings affect the behaviour of my server-client communication. On the server I have installed a self-signed CA with an issued exchange cert which also has been configured to be used by my SQL service. At…
Andreas Zita
  • 259
  • 1
  • 2
  • 8
11
votes
4 answers

Is there a quick way to find all columns in SQL Server 2008 R2 that are encrypted/have encrypted data?

Is there a quick way to find all columns in SQL Server 2008 R2 that are encrypted/have encrypted data? I need to nullify the data in all encrypted columns in a development server (according to our business rules). I know most of the columns because…
efesar
  • 1,016
  • 6
  • 12
11
votes
3 answers

MySQL SSL error: Unable to get private key

Getting an error while trying to enable encryption: [ERROR] SSL error: Unable to get private key from '/etc/mysql/ssl/nginx.key' [Warning] Failed to set up SSL because of the following SSL library error: Unable to get private…
Velkan
  • 331
  • 2
  • 8
10
votes
3 answers

Can I recover a TDE certificate by restoring the MASTER database?

(We are, fortunately, not currently in this situation, just planning ahead to see what our options would be if it ever occurred.) For a database encrypted with Transparent Date Encryption (TDE), a copy of the database backup is unrecoverable unless…
BradC
  • 9,504
  • 8
  • 43
  • 82
10
votes
2 answers

TDE prep: key/certificate backup for restores

I am working in a dev environment to better understand TDE encryption. I have it working along with backups and restores on another server. Had a few questions, I know I need to backup the certificate with the corresponding private key. USE master;…
Thorin
  • 320
  • 2
  • 14
9
votes
1 answer

Why does SQL Server require a private key to encrypt a backup?

I am setting up an experiment where I only have the public key portion of a certificate on the server. The certificate was generated on another server and I did not restore the private key. When I try to backup a database with encryption using that…
kirchner
  • 308
  • 1
  • 7
9
votes
2 answers

Is network traffic encrypted when writing remote backups using SQL Server TDE?

They do say there is no such thing as a “stupid question”, so here goes: I understand that SQL Server Transparent Data Encryption (TDE) encrypts data at rest, so that your database files (.mdf) and your backup files (.bak) are encrypted should…
SQLServerVillain
  • 221
  • 3
  • 6
8
votes
2 answers

Why do I need to backup the Database Master Key?

When I make a Database Master Key for a database: CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'Some Long Password' This page from Microsoft recommends I back it up offsite: http://msdn.microsoft.com/en-us/library/ms174382.aspx I've confirmed through…
Daniel James Bryars
  • 681
  • 1
  • 5
  • 17
8
votes
2 answers

How to restore symmetric key on the new database?

I have an issue with symmetric key restoring on the another database. I have table in the first(old) database with encrypted column.(The table contains encrypted data) The key in the old database has been created with the next sql script: CREATE…
k0lpak
  • 183
  • 1
  • 5
1
2 3
23 24